def post(self):
username = self.get_current_user()
if username is None:
self.result("error", "Access denied.")
return
user = User.get_user(username)
if user.permission_level < constants.PERMISSION_LEVEL_USER:
self.result("error", "Access denied.")
return
try:
displayname = strip_tags(self.get_argument("displayname"))
email = strip_tags(self.get_argument("email"))
showemail = bool(self.get_argument("showemail", False))
except:
self.result("error", "Invalid arguments. Check that all fields are filled out correctly.")
return
session = SessionFactory()
try:
user.displayname = displayname
user.email = email
user.showemail = showemail
session.add(user)
session.commit()
self.result("success", "Settings saved successfully.", user)
finally:
session.close()
def put(self, socket_connection, message, object_data):
target_id = object_data[u'id']
target_username = object_data[u'username']
target_permission_level = int(object_data[u'permissions'])
session = SessionFactory()
try:
if target_id is not None:
user = session.query(User).filter(User.id==int(target_id)).one()
user.username = target_username
user.permission_level = target_permission_level
else:
user = User(target_username, target_permission_level)
session.add(user)
session.commit()
self.on_update(user)
finally:
session.close()
result_message = {'type': self.message_type,
'response': self.object_to_json(user),
'deferredId': message['deferredId'],
}
socket_connection.write_message(json.dumps(result_message))
#!/usr/bin/python
import os
import sys
system_directory = os.path.dirname(os.path.abspath(__file__))
sys.path.append(system_directory + "/imports")
username = sys.argv[1]
permission_level = int(sys.argv[2])
from database.User import User
from database.SessionFactory import SessionFactory
session = SessionFactory()
try:
user = User.get_user(username)
user.permission_level = permission_level
session.add(user)
session.commit()
print "Successfully set permission level for user '{}' to {}.".format(user.username, user.permission_level)
finally:
session.close()
